No network-logon is complete without some form of automation to establish the user's working-environment. For instance, although the logon-process establishes the user's rights to access certain folders on the server, it does nothing to provide an easy route-of-access to those files, such as a drive-letter or shortcut. . Thus, while a network could in principle get-by without a logon-script, it would be a very user-unfriendly place, calling for user to know the ins-and-outs of accessing all sorts of obscure resources by way of complex and hard-to-remember procedures. The logon-script makes those resources easy to access.MyLogon supports the time-honoured method of providing a logon-script, which is to use a batch-file. Any function which can be called from a batch-file is also available, of course. AutoIt, KixStart or VBS extensions are of course supported if launched from the batch-file.
MyLogon now permits the use of "ini-style" logon scripts. These are text files with the extension of ".mls" or ".ini" which would normally reside in the server's netlogon share. Optionally the script may be called from another location, by supplying a full UNC path. For very small networks with no 'real' server, the script may alternatively be placed in the local machine's MyLogon folder, in which case it should be referred-to in the settings with the "local:" prefix, for example "local:myscript.mls"
Note: There is no compulsion to use this new system, conventional scripts will work as previously.
The ini-style script has a number of section-headers, in square brackets. Within these sections, properties and their values are given as pairs separated by an equals (=) sign. The order of the sections in the file does not determine the order of their execution.
This section lists the programs to be launched before the drive mappings are established. Its syntax matches that of the Run or RunWait sections, see later. On most sites this section will be rarely used, but it's included for completeness.
The heart of the script, and the place where the drive-letter that
users see will be created. Each drive-mapping is created by way of a
"Driveletter=Sharename" entry on a separate line. The driveletter must
be followed by a colon, and the sharename may be either a full, valid UNC
path, or as a shorthand entry the name of a share on the master server will also be accepted.
Optionally, the driveletter may be replaced by a descriptive name, with no colon. This creates a share with no matching driveletter, but which should be accessible by its UNC name, or from Network Places. This format is useful mainly for shares used by the machine itself (e.g access to antivirus-update folders for the AV program's own use) that the user need not see on the desktop.
H: = \\netserver\salesfolder
U: = \\netserver\homes\%user%
V: = \\netserver\machines\%computer%
Q:=medical(The last one will connect the Q: drive to the medical share on whichever server the user was first authenticated-to, allowing for a very easy-to-understand syntax on small sites.)
Lists programs to be launched after the mappings have been established. (Which is most-often the required action) - Programs are run concurrently, without any pause in the script. The entries consist of a descriptive name, an equals sign, and the UNC or local path to the file. Note that the user may be granted control of the machine whilst these programs are still in the process of launching.
Similar to Run, but programs are launched sequentially, and each must complete before the next is launched. Beware that a program added to this section, but which never completes, could cause the machine to hang-up. It should therefore only be used for programs which must execute in a specific order.
With the new syntax, no special action is needed for trust-relationships, other than to ensure that the correct domain is specified in the network-section of MyLogon.ini.
In the above sections, the value part of any statement can contain
either of the macros %user% or %computer% - in which case the real
value of that variable will be substituted at logon-time. The username
referred-to here is that entered into MyLogon. This allows for the
access of user-specific home folders as shares, or machine-specific
data. This also applies to conventional batch scripts, where %user% and
%computer% (lowercase) are available as environment variables.